PT-2020-18519 · Mitsubishi · Melqic Iu1 Series
Published
2020-03-16
·
Updated
2020-03-19
·
CVE-2020-5544
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Mitsubishi Electric MELQIC IU1 series IU1-1M20-D version 1.0.7 and earlier
Description
A Null Pointer Dereference issue in the TCP function of the firmware allows remote attackers to stop network functions or execute malware by sending a specially crafted packet.
Recommendations
For Mitsubishi Electric MELQIC IU1 series IU1-1M20-D version 1.0.7 and earlier, update to a version later than 1.0.7 to resolve the issue.
As a temporary workaround, consider restricting access to the network to minimize the risk of exploitation.
Fix
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Melqic Iu1 Series